release candidate

app/bootstrap/cmd/main.go

@@ -2,6 +2,7 @@
 //  \\\\\ Copyright 2024-present SPIKE contributors.
 // \\\\\\\ SPDX-License-Identifier: Apache-2.0
 
+// package main is the main entry point of SPIKE Bootstrap.
 package main
 
 import (
@@ -15,21 +16,17 @@ import (
 	sdkErrors "github.com/spiffe/spike-sdk-go/errors"
 	"github.com/spiffe/spike-sdk-go/log"
 	"github.com/spiffe/spike-sdk-go/security/mem"
-	"github.com/spiffe/spike/app/bootstrap/internal/state"
 
 	"github.com/spiffe/spike/app/bootstrap/internal/lifecycle"
 	"github.com/spiffe/spike/app/bootstrap/internal/net"
+	"github.com/spiffe/spike/app/bootstrap/internal/state"
 	"github.com/spiffe/spike/internal/config"
 )
 
 const appName = "SPIKE Bootstrap"
 
 func main() {
-	log.Info(
-		appName,
-		"message", "starting",
-		"version", config.BootstrapVersion,
-	)
+	log.Info(appName, "message", "starting", "version", config.BootstrapVersion)
 
 	// Hard timeout for the entire bootstrap process.
 	// A value of 0 means no timeout (infinite).
@@ -71,11 +68,7 @@ func main() {
 		return
 	}
 
-	log.Info(
-		appName,
-		"message", "FIPS 140.3 Status",
-		"enabled", fips140.Enabled(),
-	)
+	log.Info(appName, "message", "FIPS Status", "enabled", fips140.Enabled())
 
 	// Panics if it cannot acquire the source.
 	src := net.AcquireSource()

app/bootstrap/internal/lifecycle/lifecycle.go

@@ -49,19 +49,13 @@ func ShouldBootstrap() bool {
 
 	// Memory backend doesn't need bootstrap.
 	if env.BackendStoreTypeVal() == env.Memory {
-		log.Info(
-			fName,
-			"message", "skipping bootstrap for in-memory backend",
-		)
+		log.Info(fName, "message", "skipping bootstrap for in-memory backend")
 		return false
 	}
 
 	// Lite backend doesn't need bootstrap.
 	if env.BackendStoreTypeVal() == env.Lite {
-		log.Info(
-			fName,
-			"message", "skipping bootstrap for lite backend",
-		)
+		log.Info(fName, "message", "skipping bootstrap for lite backend")
 		return false
 	}
 
@@ -95,7 +89,7 @@ func ShouldBootstrap() bool {
 		return false
 	}
 
-	// We're in Kubernetes---check the ConfigMap
+	// We're in Kubernetes: Check the ConfigMap
 	clientset, clientErr := kubernetes.NewForConfig(cfg)
 	if clientErr != nil {
 		failErr := sdkErrors.ErrK8sClientFailed.Clone()
@@ -107,7 +101,9 @@ func ShouldBootstrap() bool {
 
 	namespace := "spike"
 	// Read namespace from the service account if not specified
-	if nsBytes, readErr := os.ReadFile(k8sServiceAccountNamespace); readErr == nil {
+	if nsBytes, readErr := os.ReadFile(
+		k8sServiceAccountNamespace,
+	); readErr == nil {
 		namespace = string(nsBytes)
 	}
 
@@ -118,7 +114,7 @@ func ShouldBootstrap() bool {
 	)
 	if getErr != nil {
 		failErr := sdkErrors.ErrK8sReconciliationFailed.Wrap(getErr)
-		// ConfigMap doesn't exist or can't read it - proceed with bootstrap
+		// ConfigMap doesn't exist or can't read it: Proceed with bootstrap
 		failErr.Msg = "failed to get ConfigMap: proceeding with bootstrap"
 		log.WarnErr(fName, *failErr)
 		return true
@@ -140,10 +136,12 @@ func ShouldBootstrap() bool {
 			keyBootstrapCompletedByPod, completedByPod,
 			"reason", reason,
 		)
+
+		// Bootstrap is complete: Skip further bootstraps
 		return false
 	}
 
-	// Bootstrap is not completed: proceed with bootstrap
+	// Bootstrap is not completed: Proceed with bootstrap
 	return true
 }